This blob has been accessed 433 times via Git panel.
- <?php
- if (isset($_POST['go']) and ($_POST['go'] == "index")) {
- header("Location: .");
- }
- if (isset($_POST['go']) and ($_POST['go'] == "reset")) {
- header("Location: reset.php");
- }
- require("core.php");
- session_regenerate_id(TRUE);
- ?>
- <title>Login</title>
- <?php
- if (!isset($_POST['username']) or empty($_POST['username']) or !isset($_POST['password']) or empty($_POST['password'])) {
- $_SESSION = array();
- session_destroy();
- }
- else {
- $put_username = trim(strip_tags($_POST['username']));
- /* Fun with crypt! */
- $put_password = sha1($_POST['password']);
- $put_password = md5($put_password);
- $put_password = crypt($put_password, $put_password);
- $err_username = "1";
- $err_password = "1";
- if ($put_username == $maj_admin_username) {
- $get_password = file_get_contents("$maj_data_directory/password.txt");
- $last_login = "$maj_data_directory/lastlog.txt";
- $logins = "$maj_data_directory/logins.txt";
- $err_username = "0";
- }
- else {
- if (file_exists("$maj_data_directory/members/active/$put_username") and file_exists("$maj_data_directory/bb.txt") and !file_exists("$maj_data_directory/members/active/$put_username/bb-lockout.txt")) {
- $get_password = file_get_contents("$maj_data_directory/members/active/$put_username/password.txt");
- $last_login = "$maj_data_directory/members/active/$put_username/bb-last.txt";
- $logins = "$maj_data_directory/members/active/$put_username/bb-logins.txt";
- $err_username = "0";
- if (($get_password != $put_password) and (file_exists("$maj_data_directory/bb-invalid.txt"))) {
- $max_invalid = file_get_contents("$maj_data_directory/bb-invalid.txt");
- if (file_exists("$maj_data_directory/members/active/$put_username/bb-invalid.txt")) {
- $count_invalid = file_get_contents("$maj_data_directory/members/active/$put_username/bb-invalid.txt");
- }
- else {
- $count_invalid = "0";
- }
- $count_invalid = $count_invalid + 1;
- if ($count_invalid >= $max_invalid) {
- touch("$maj_data_directory/members/active/$put_username/bb-lockout.txt");
- }
- }
- }
- }
- if ($get_password == $put_password) {
- $_SESSION['logged_in'] = $put_username;
- $_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
- $_SESSION['maj_server'] = sha1($_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']));
- if (file_exists("$maj_data_directory/bb.txt") and ($_SESSION['logged_in'] != $maj_admin_username)) {
- }
- $login_count = file_get_contents($logins);
- $login_count = $login_count + 1;
- $err_password = "0";
- if (file_exists("$maj_data_directory/members/active/$put_username/bb-invalid.txt")) {
- unlink("$maj_data_directory/members/active/$put_username/bb-invalid.txt");
- }
- header("Location: index.php");
- }
- else {
- $_SESSION = array();
- session_destroy();
- }
- }
- include("css.php");
- echo "\n<style> body { margin: {$maj_wspace}px; } </style>\n";
- ?>
- <table border="0" cellspacing="1" cellpadding="1">
- <form enctype="multipart/form-data" action="login.php" method="post">
- <tr><td>Username</td><td><input required autofocus class="input" type="text" maxlength="30" name="username"<?php if (!file_exists("$maj_data_directory/autocomplete.txt")) { echo " autocomplete=\"off\""; } if ($err_username == "0") { echo " value=\"$put_username\""; } ?>></td><?php if ($err_username == "0") { echo "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is correct.</td>"; } if ($err_username == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is invalid.</td>"; } ?></tr>
- <tr><td>Password</td><td><input required class="input" type="password" maxlength="128" name="password"<?php if (!file_exists("$maj_data_directory/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td><?php if ($err_password == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The password you entered is invalid.</td>"; } ?></tr>
- <tr><td></td><td><input class="click" type="submit" value="click here to login"></td></tr>
- </form>
- <form enctype="multipart/form-data" action="login.php" method="post">
- <input type="hidden" name="go" value="index">
- <tr><td></td><td><input class="click" type="submit" value="click here to go to the index page"></td></tr>
- </form>
- <?php if (!file_exists("$maj_data_directory/lite.txt") and file_exists("$maj_data_directory/reset.txt")) { ?>
- <form enctype="multipart/form-data" action="login.php" method="post">
- <input type="hidden" name="go" value="reset">
- <tr><td></td><td><input class="click" type="submit" value="click here to reset your password"></td></tr>
- </form>
- <?php } ?>
- </table>